Accepting request 1226801 from mozilla:Factory
- Mozilla Firefox 133.0 https://www.mozilla.org/en-US/firefox/133.0/releasenotes MFSA 2024-63 (bsc#1233695) * CVE-2024-11691 (bmo#1914707, bmo#1924184) Memory corruption in Apple GPU drivers * CVE-2024-11700 (bmo#1836921) Potential Tapjacking Exploit for Intent Confirmation on Android * CVE-2024-11692 (bmo#1909535) Select list elements could be shown over another site * CVE-2024-11701 (bmo#1914797) Misleading Address Bar State During Navigation Interruption * CVE-2024-11702 (bmo#1918884) Inadequate Clipboard Protection in Private Browsing Mode on Android * CVE-2024-11693 (bmo#1921458) Download Protections were bypassed by .library-ms files on Windows * CVE-2024-11694 (bmo#1924167) CSP Bypass and XSS Exposure via Web Compatibility Shims * CVE-2024-11695 (bmo#1925496) URL Bar Spoofing via Manipulated Punycode and Whitespace Characters * CVE-2024-11703 (bmo#1928779) Password access without authentication via PIN bypass on Android * CVE-2024-11696 (bmo#1929600) Unhandled Exception in Add-on Signature Verification * CVE-2024-11697 (bmo#1842187) Improper Keypress Handling in Executable File Confirmation Dialog * CVE-2024-11704 (bmo#1899402) Potential Double-Free Vulnerability in PKCS#7 Decryption Handling * CVE-2024-11698 (bmo#1916152) OBS-URL: https://build.opensuse.org/request/show/1226801 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=443
This commit is contained in:
Ana Guerrero
Git OBS Bridge
commit
d1d6a0968b
@ -1,3 +1,54 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Nov 25 11:00:38 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||||
|
|
||||||
|
- Mozilla Firefox 133.0
|
||||||
|
https://www.mozilla.org/en-US/firefox/133.0/releasenotes
|
||||||
|
MFSA 2024-63 (bsc#1233695)
|
||||||
|
* CVE-2024-11691 (bmo#1914707, bmo#1924184)
|
||||||
|
Memory corruption in Apple GPU drivers
|
||||||
|
* CVE-2024-11700 (bmo#1836921)
|
||||||
|
Potential Tapjacking Exploit for Intent Confirmation on Android
|
||||||
|
* CVE-2024-11692 (bmo#1909535)
|
||||||
|
Select list elements could be shown over another site
|
||||||
|
* CVE-2024-11701 (bmo#1914797)
|
||||||
|
Misleading Address Bar State During Navigation Interruption
|
||||||
|
* CVE-2024-11702 (bmo#1918884)
|
||||||
|
Inadequate Clipboard Protection in Private Browsing Mode on
|
||||||
|
Android
|
||||||
|
* CVE-2024-11693 (bmo#1921458)
|
||||||
|
Download Protections were bypassed by .library-ms files on
|
||||||
|
Windows
|
||||||
|
* CVE-2024-11694 (bmo#1924167)
|
||||||
|
CSP Bypass and XSS Exposure via Web Compatibility Shims
|
||||||
|
* CVE-2024-11695 (bmo#1925496)
|
||||||
|
URL Bar Spoofing via Manipulated Punycode and Whitespace Characters
|
||||||
|
* CVE-2024-11703 (bmo#1928779)
|
||||||
|
Password access without authentication via PIN bypass on Android
|
||||||
|
* CVE-2024-11696 (bmo#1929600)
|
||||||
|
Unhandled Exception in Add-on Signature Verification
|
||||||
|
* CVE-2024-11697 (bmo#1842187)
|
||||||
|
Improper Keypress Handling in Executable File Confirmation Dialog
|
||||||
|
* CVE-2024-11704 (bmo#1899402)
|
||||||
|
Potential Double-Free Vulnerability in PKCS#7 Decryption Handling
|
||||||
|
* CVE-2024-11698 (bmo#1916152)
|
||||||
|
Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS
|
||||||
|
* CVE-2024-11705 (bmo#1921768)
|
||||||
|
Null Pointer Dereference in NSC_DeriveKey
|
||||||
|
* CVE-2024-11706 (bmo#1923767)
|
||||||
|
Null Pointer Dereference in PKCS#12 Utility
|
||||||
|
* CVE-2024-11708 (bmo#1922912)
|
||||||
|
Data race with PlaybackParams
|
||||||
|
* CVE-2024-11699 (bmo#1880582, bmo#1929911)
|
||||||
|
Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5,
|
||||||
|
and Thunderbird 128.5
|
||||||
|
- requires NSS 3.106
|
||||||
|
- remove obsolete mozilla-python313.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sat Nov 23 17:52:32 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
||||||
|
|
||||||
|
- add mozilla-python313.patch to fix build with python 3.13+
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Nov 15 13:37:19 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
|
Fri Nov 15 13:37:19 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
|
||||||
|
|
||||||
|
|||||||
@ -28,9 +28,9 @@
|
|||||||
# orig_suffix b3
|
# orig_suffix b3
|
||||||
# major 69
|
# major 69
|
||||||
# mainver %%major.99
|
# mainver %%major.99
|
||||||
%define major 132
|
%define major 133
|
||||||
%define mainver %major.0.2
|
%define mainver %major.0
|
||||||
%define orig_version 132.0.2
|
%define orig_version 133.0
|
||||||
%define orig_suffix %{nil}
|
%define orig_suffix %{nil}
|
||||||
%define update_channel release
|
%define update_channel release
|
||||||
%define branding 1
|
%define branding 1
|
||||||
@ -114,7 +114,7 @@ BuildRequires: libiw-devel
|
|||||||
BuildRequires: libproxy-devel
|
BuildRequires: libproxy-devel
|
||||||
BuildRequires: makeinfo
|
BuildRequires: makeinfo
|
||||||
BuildRequires: mozilla-nspr-devel >= 4.35
|
BuildRequires: mozilla-nspr-devel >= 4.35
|
||||||
BuildRequires: mozilla-nss-devel >= 3.105
|
BuildRequires: mozilla-nss-devel >= 3.106
|
||||||
BuildRequires: nasm >= 2.14
|
BuildRequires: nasm >= 2.14
|
||||||
BuildRequires: nodejs >= 12.22.12
|
BuildRequires: nodejs >= 12.22.12
|
||||||
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
|
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
|
||||||
@ -724,7 +724,7 @@ exit 0
|
|||||||
%{progdir}/crashreporter
|
%{progdir}/crashreporter
|
||||||
#%{progdir}/crashreporter.ini
|
#%{progdir}/crashreporter.ini
|
||||||
#%{progdir}/Throbber-small.gif
|
#%{progdir}/Throbber-small.gif
|
||||||
%{progdir}/minidump-analyzer
|
#%{progdir}/minidump-analyzer
|
||||||
#%{progdir}/browser/crashreporter-override.ini
|
#%{progdir}/browser/crashreporter-override.ini
|
||||||
%endif
|
%endif
|
||||||
%{_datadir}/applications/%{desktop_file_name}.desktop
|
%{_datadir}/applications/%{desktop_file_name}.desktop
|
||||||
|
|||||||
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:329e1764f4b4e13f11dcf1fd7b3c6d8f80e512e8b7ed5bf65fbe44749c2610e9
|
|
||||||
size 570535648
|
|
||||||
@ -1,16 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmcxUm8ACgkQ4207E/PZ
|
|
||||||
MnT0wRAArmyYe/mq41VRqfNWiImndL87tEhJcdi+6GWvnP0Rj7IYi2Wl5ACxuHbk
|
|
||||||
dDNP0J8af/ICqpuKmSLfGHfsA8ANBSXncQ1LR3YByutiDHjQ+iRwwwn9wIGrA7PA
|
|
||||||
56QKa7WoexeKQiegkL02f4C8f9RNbfI64CNyUknEpj8VQRcbttpx1NSCcCQBc1OZ
|
|
||||||
SqBtXJyvdkZVVXi5VeWID+0jpduKcdMMH/n6mAqre8LQlIvISasPfBYkXa+zNHwd
|
|
||||||
WtBVgRelbvoqPJWXLBbiiH0y5Tr5MeJZn+JzW7wszc2XosqG5skf8cUkXBWdx8Gd
|
|
||||||
2X0TCd8xxMN5YuAVyOVRT8qn+/6sZebM/6Wwovf8D4hKgf91yxR4aqLpLApuLWc6
|
|
||||||
54EJkXGYyZsQyXCi5SmzMAvwuCKiIYVgPFYctMsrw7GXajkznIXqOg/VRDB0YpQg
|
|
||||||
ius2QTt44NF6Vp7u+NHyI87QYX4HjmMkziqgdqP72K+Qgx+mta93ebleoIMiHykC
|
|
||||||
+IP14/OMjZXbSD6N+fGX64Jog5LnAyV+ld4bk2SzsKJkfXWojhIYe0qdZRFL3fDd
|
|
||||||
7ERd/LIWeYOPdRHpKfMqh9b7jqp2I9ssC+JmhECXKNc2tFKKWtbJ5EpbGcgnfaqH
|
|
||||||
kcqZNfyeGl228SfHolCzssA5JudW2LsyKOHpRwJ0y6ZHChfSrjQ=
|
|
||||||
=POwe
|
|
||||||
-----END PGP SIGNATURE-----
|
|
||||||
3
firefox-133.0.source.tar.xz
Normal file
3
firefox-133.0.source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:492b2c9a3b6d215e38ce490624e8b2b9473419accdeaddb24ba00bc6adc3cc60
|
||||||
|
size 582165112
|
||||||
16
firefox-133.0.source.tar.xz.asc
Normal file
16
firefox-133.0.source.tar.xz.asc
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmc/e7sACgkQ4207E/PZ
|
||||||
|
MnRqQw//TaAudMwOpvyStSBd1C+W0fOFV+aFNMLGdjflWwyPKt3qR59NcChlFivv
|
||||||
|
dRx7ag9KKOFeECF661WXodC3l67f/DqxFsvJz6HM2WIE9XWUG3TxDLoSJyRtoiLQ
|
||||||
|
MYZY3KrbiwFn+ZgCCp37UbJYlFZ1O7vWyoGaAOUA0sr7Mfizs2DWEzh4+u70RAgM
|
||||||
|
EhpSCi2Vm3dPDVGDaLvT62JyS2F100bcdU6Wbae8UP3VarZCAl3J0JH8R9rEaj3R
|
||||||
|
qjgCFUHe8i+U/GtTzgsbW7d3/hENj9HX+b9sLEImSqqX9Lo6YRlO09IrWwoHrijr
|
||||||
|
MFUI/JgH52YTofB9ucvZfQkvyNEug0oFGhfTcYnyvOtDzE2oIjPVSSCgnkyXWxTm
|
||||||
|
r/EKxN0zWTGRGaGBCtkcrsbMXaAxjfd71CkjsmoUdge5/nERBfUN1TGgZQrq/6Dh
|
||||||
|
f/edsUiQxSIjTkI40Xt3NhXPQozWm8WSD87pVm2FSQH9k3rEGnUssLCIO4SRgrDL
|
||||||
|
Evs5KBtJmasn8o/G4KQK08CzraPuDXEWqd7o8Tjz2fXnEDi6ChkJZyPMjnEFbwOy
|
||||||
|
PvaN5YauaqgOKO3Uo408YE+zcTcSEEqiG+sBYOseMo/K1fmIBRhQxpYMU6r8FWiE
|
||||||
|
XjfE63U5tk+LJl2RKNqdg4Dw6SBC5T7qfwpQXJfs/rdrImZ+fhE=
|
||||||
|
=g/x2
|
||||||
|
-----END PGP SIGNATURE-----
|
||||||
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:101ebdc00d8f913a6cfeabf2dfeb4262307e096f4afde07c942853065729a813
|
|
||||||
size 34999896
|
|
||||||
3
l10n-133.0.tar.xz
Normal file
3
l10n-133.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:767905b231198d4b0cdbc00970cd4de63315bf63fb1d88bf53c844d4e694f8fe
|
||||||
|
size 35102084
|
||||||
@ -1,10 +1,10 @@
|
|||||||
PRODUCT="firefox"
|
PRODUCT="firefox"
|
||||||
CHANNEL="release"
|
CHANNEL="release"
|
||||||
VERSION="132.0.2"
|
VERSION="133.0"
|
||||||
VERSION_SUFFIX=""
|
VERSION_SUFFIX=""
|
||||||
PREV_VERSION="132.0.1"
|
PREV_VERSION="132.0.2"
|
||||||
PREV_VERSION_SUFFIX=""
|
PREV_VERSION_SUFFIX=""
|
||||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||||
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
|
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
|
||||||
RELEASE_TAG="60f8744af5044d16783c2c71ca09d27f3932afce"
|
RELEASE_TAG="8141aab3ba856d7cbae6c851dd71f2e0cb69649c"
|
||||||
RELEASE_TIMESTAMP="20241110231641"
|
RELEASE_TIMESTAMP="20241121140525"
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user